[keycloak-dev] Unable to assign roles from a federation provider
Scott Rossillo
srossillo at smartling.com
Mon Jul 6 15:05:30 EDT 2015
Hi Marek,
Thank you. That did the trick!
Best,
Scott
> On Jun 17, 2015, at 6:20 AM, Marek Posolda <mposolda at redhat.com> wrote:
>
> Hi,
>
> you should use method "userModel.grantRole(role)" to add new role mapping. Methods "getRoleMappings" and "getRealmRoleMappings" are used just for reading existing role mappings of user.
>
> Marek
>
> On 15.6.2015 16:49, Scott Rossillo wrote:
>> Hey all,
>>
>> I was going to create a JIRA for this, but just want to make sure it’s an actual bug. We are not able to assign roles to a user from a federation provider.
>>
>> For example, we expected something like this to work from UserFederationProvider. getUserByUsername(RealmModel realm, String username):
>>
>> if (remoteUser.getRoles() != null) {
>> for (String roleName : remoteUser.getRoles()) {
>> RoleModel role = realm.getRole(roleName);
>> userModel.getRoleMappings().add(role); // doesn’t work
>> userModel.getRealmRoleMappings().add(role); // doesn’t work
>> }
>> }
>>
>> However, nothing but the default role is assigned even when we confirm additional roles are assigned to remoteUser and realm.getRole() returns a valid RoleModel.
>>
>> Create JIRA or should we be assigning roles from a UserFederationProvider in another way?
>>
>> Thanks
>>
>>
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev at lists.jboss.org <mailto:keycloak-dev at lists.jboss.org>
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev <https://lists.jboss.org/mailman/listinfo/keycloak-dev>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20150706/04749bdc/attachment.html
More information about the keycloak-dev
mailing list